package com.howie.parnote.security;

import com.howie.parnote.util.security.CSRFTokenManager;
import org.springframework.web.servlet.support.RequestDataValueProcessor;

import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.Map;

/**
 * <p>Title: parnote</p>
 * <p>
 * Description: parnote
 * </p>
 *
 * @author huangyan
 *         Created by HY on 2015/4/16 0016.
 * @version v1.0.0
 */
public class CSRFRequestDataValueProcessor implements RequestDataValueProcessor {
	@Override
	public String processAction(HttpServletRequest request, String action, String httpMethod) {
		return action;
	}

	@Override
	public String processFormFieldValue(HttpServletRequest request, String name, String value, String type) {
		return value;
	}

	@Override
	public Map<String, String> getExtraHiddenFields(HttpServletRequest request) {
		Map<String, String> hiddenFields = new HashMap<String, String>();
		hiddenFields.put(CSRFTokenManager.CSRF_PARAM_NAME, CSRFTokenManager.getTokenFromSession(request.getSession()));
		return hiddenFields;
	}

	@Override
	public String processUrl(HttpServletRequest request, String url) {
		return url;
	}
}
